NihalJain commented on code in PR #6783:
URL: https://github.com/apache/hbase/pull/6783#discussion_r2032435708
##########
hbase-rest/src/main/java/org/apache/hadoop/hbase/rest/RESTServer.java:
##########
@@ -287,6 +293,16 @@ public synchronized void run() throws Exception {
httpConfig.setSendServerVersion(false);
httpConfig.setSendDateHeader(false);
+ // In Jetty 12, ambiguous path separators, suspicious path characters, and
ambiguous empty
+ // segments are considered violations of the URI specification and hence
are not allowed.
+ // Refer to
https://github.com/jetty/jetty.project/issues/11890#issuecomment-2156449534
+ // We must set a URI compliance to allow for this violation so that client
requests are not
+ // automatically rejected. Our rest endpoints rely on this behavior to
handle encoded uri paths.
+ // Optionally, we can decide to not set this compliance rules, but may
break existing clients.
+ if (conf.getBoolean(HTTP_SET_URI_COMPLIANCE,
HTTP_SET_URI_COMPLIANCE_DEFAULT)) {
Review Comment:
Done
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@hbase.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
